VYPR

Fiori for SAP ERP

by SAP

CVEs (1)

  • CVE-2025-23191LowFeb 11, 2025
    risk 0.20cvss 3.1epss 0.00

    Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the `atom:link` values in the returned metadata redirecting them from the SAP server to a malicious…